1 / 64

Simple Network Management Protocol

Simple Network Management Protocol. By - Suparna Sri. Agenda . Introduction Network Level Architecture Operation of Protocol Applications of Protocol Event flows Message Formats Extensions, Performance & Security Issue Conclusion References. Introduction.

grobles
Download Presentation

Simple Network Management Protocol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Simple Network Management Protocol By - Suparna Sri

  2. Agenda • Introduction • Network Level Architecture • Operation of Protocol • Applications of Protocol • Event flows • Message Formats • Extensions, Performance & Security Issue • Conclusion • References

  3. Introduction • SNMP is an application layer protocol that facilitates the exchange of management information between network devices. • It is used for collecting information from, and configuring, network devices, such as servers, printers, hubs, switches, and routers on an Internet Protocol (IP) network. • SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.

  4. Basic Components of SNMP • NMS (Network Management Station) • Managed Devices • Agents • MIB (Management Information Base)

  5. NMSexecutes applications that monitor and control managed devices. • It executes applications that monitor and control managed devices. One or more NMS’s must exist on any managed network. • NMS is a general purpose computer running special software

  6. Managed Device is a network node that contains an SNMP agent and that resides on a managed network. • Managed devices collect and store management information and make this information available to NMSs using SNMP. • Managed devices, sometimes called network elements, can be routers and access servers, switches and bridges, hubs, computer hosts, or printers.

  7. Agents is a network-management software module that resides in a managed device. An agent has local knowledge of management information and translates that information into a form compatible with SNMP.

  8. Network Level Architecture

  9. MIB Structure • Every management station or an agent in an SNMP architecture maintains a local database having information related to the network management. • This virtual information store is called MIB- objects database • An SNMP MIB contains definitions and information about the properties of managed resources and the services that the agents support. The manageable features of resources, as defined in an SNMP MIB, are called managed objects

  10. Management Information Base

  11. MIB object identifiers • Each object in the MIB has an object identifier (OID) • Management station uses ODI to request the object's value from the agent. • An OID is a sequence of integers that uniquely identifies a managed object by defining a path to that object through a tree-like structure called theOID tree or registration tree. • When an SNMP agent needs to access a specific managed object, it traverses the OID tree to find the object.

  12. SNMP ODI Hierarchy Format

  13. Operation of Protocol • Read: It is used by an NMS to monitor managed devices. The NMS examines different variables that are maintained by managed devices. • Write: It is used by an NMS to control managed devices. The NMS changes the values of variables stored within managed devices. • Trap: The trap command is used by managed devices to asynchronously report events to the NMS. When certain types of events occur, a managed device sends a trap to the NMS.

  14. Operation of the Protocol • Get • Get next • Get-bulk • Set • Set response • Trap • Notification • Inform • Report

  15. ‘get’ and ‘getnext’ Operation • The get request is initiated by the NMS, which sends the request to the agent. The agent receives the request and processes it to best of its ability. • The get command is useful for retrieving a single MIB object at a time. • The get-next operation lets you issue a sequence of commands to retrieve a group of values from a MIB

  16. ‘get’ Operation

  17. ‘get bulk’ operation • SNMPv2 defined the get-bulk operation which allows a management application to retrieve a large section of a table at once. • The standard get operation can attempt to retrieve more than one MIB object at once, but message sizes are limited by the agent's capabilities. If the agent can't return all the requested responses, it returns an error message with no data. • Get bulk command consists of two fields non-repeaters and max – repetitions and these fields are set when issuing a get-bulk command non-repeaters and max-repetitions. • Non-repeaters tells the get-bulk command that the first N objects can be retrieved with a simple get-next operation. Max-repetitions tells the get-bulk command to attempt up to M get-next operations to retrieve the remaining objects

  18. ‘get bulk’ Operation

  19. ‘set’ Operation • The set command is used to change the value of a managed object or to create a new row in a table. Objects that are defined in the MIB as read-write or write-only can be altered or created using this command. It is possible for an NMS to set more than one object at a time.

  20. ‘trap’ Operation • Trap: A trap is a way for an agent to tell the NMS that something bad has happened. • The trap originates from the agent and is sent to the trap destination, as configured within the agent itself. The trap destination is typically the IP address of the NMS.

  21. Scenarios when ‘trap’ occurs • A network interface on the device (where the agent is running) has gone down. • A network interface on the device (where the agent is running) has come back up. • An incoming call to a modem rack was unable to establish a connection to a modem. • The fan on a switch or router has failed.

  22. Generic types of ‘trap’ • Coldstart(0) :Indicates that the agent has rebooted. All management variables will be reset; specifically, Counters and Gauges will be reset to zero (0). It can also be used to determine when new hardware is added to the network. • Warmstart(1):Indicates that the agent has reinitialized itself. None of the management variables will be reset. • Linkdown(2): Sent when an interface on a device goes down. The first variable binding identifies which interface went down. • Linkup(3): Sent when an interface on a device comes back up.

  23. Generic types of ‘trap’ • authenticationFailure(4):Indicates that someone has tried to query your agent with an incorrect community string; useful in determining if someone is trying to gain unauthorized access to one of your devices. • egpNeighborloss(5): Indicates that an Exterior Gateway Protocol (EGP) neighbor has gone down. • Enterprisespecific(6): Indicates that the trap is enterprise-specific which are used by SNMP to define their own traps under the private-enterprise branch of the SMI object tree.

  24. Other SNMP operations • SNMP notification: As the PDUs of snmpv1,v2 and v3,notification-type is used as a means of notification for this. • SNMP inform: inform mechanism provides communication between manager-manager • SNMP report: Allows the SNMP engines to communicate with each other mainly to report the problems with processing SNMP messages

  25. Message Sent Between an SNMP Manager and its Managed Devices

  26. Event Flow of SNMP protocol • Represents Interactions and timing of the SNMP protocol between the SNMP manager and the SNMP agent. • Traps are unsolicited messages sent from the agent to the manager. • There are four functions of SNMP: get request, trap, get next and set request.

  27. Event Flow of SNMP operations

  28. Network Management System

  29. SNMPv3 Applications Five types of application which can be associated with an SNMP engine are described in RFC 2273. These applications are : - Command generators, which monitor and manipulate management data, - Command responders, which provide access to management data, - Notification originators, which initiate asynchronous messages, - Notification receivers, which process asynchronous messages, and - Proxy forwarders, which forward messages between entities.

  30. Flow diagram of Command Generator and Command Responder

  31. PRIMITIVES BETWEEN MODULES

  32. sendPdu

  33. prepareOutgoingMessage

  34. generateRequestMsg

  35. send / receive

  36. prepareDataElements

  37. processIncomingMsg

  38. processPd

  39. isAccessAllowed

  40. returnResponsePdu

  41. prepareResponseMessage

  42. generateResponseMsg

  43. send / receive

  44. prepareDataElements

  45. processIncomingMsg

  46. processResponsePdu

  47. Performance management : to quantify, measure, report, analyze and control the performance of network components. Fault management : to detect, log, notify users of, and (to the extent possible) automatically fix network problems to keep the network running effectively. Configuration management : to monitor network and system configuration information so that the effects on network operation of various versions of hardware and software elements can be tracked and managed. Accounting management : to measure network utilization parameters so that individual or group uses on the network can be regulated appropriately. Security management : to control access to network resources according to local guidelines so that the network cannot be sabotaged and sensitive information cannot be accessed by those without appropriate authorization. Five areas of network management

  48. SNMP Message Format SNMP uses two well-known ports to operate: • UDP/TCP Port 161 – SNMP Request/Response Messages • UDP/TCP Port 162 - SNMP Trap Messages Ethernet Frame IP Packet SNMP Message UDP Datagram CRC SNMPv3 defines a security capability to be used in conjunction with SNMPv1 (runs over UDP) or SNMPv2 (also runs over TCP)

  49. SNMP General Message Format

  50. SNMP V1 General Message Format General Message Format

More Related